search for: certfil

...key and a certificate (public key) in a single file gold.pem which has the form -----BEGIN CERTIFICATE----- MIID3DCCA... -----END CERTIFICATE----- -----BEGIN PRIVATE KEY----- MIIEvQIBA... -----END PRIVATE KEY----- I updated upsd.conf to # upsd.conf LISTEN 0.0.0.0 3493 CERTFILE /etc/nut/keys/gold.pem but when I restart nut-server.service I get the message Jul 04 10:49:05 maria upsd[4744]: upsd.conf: invalid directive CERTFILE /etc/nut/keys/gold.pem Jul 04 10:49:05 maria upsd[4744]: listening on 0.0.0.0 port 3493 My first reac...

On Wed, 4 Jul 2018, Roger Price wrote: > I tried adding SSL/TLS support to NUT following the User Manual chapter 9.5 > "Configuring SSL". > Jul 04 10:49:05 maria upsd[4744]: upsd.conf: invalid directive CERTFILE > /etc/nut/keys/gold.pem I tried again with openSUSE 42.3 and could not reproduce this error. All went well and I saw the desired SSL/TLS activation: ● nut-server.service - Network UPS Tools - power devices information server Jul 07 11:01:40 titan ups...

...rypt passwords = yes everything else is default. "mocha" is the PDC and is a NT4 box". The machine has joined the domain with "smbpasswd -j AGS_NT". When using "smbpasswd -f mocha" is fails: $ smbpasswd -D 3 -r mocha Unknown parameter encountered: "ssl CA certFile" Ignoring unknown parameter "ssl CA certFile" added interface ip=203.6.254.187 bcast=203.6.254.255 nmask=255.255.255.0 not adding duplicate interface 203.6.254.187 Old SMB password: New SMB password: Retype new SMB password: resolve_lmhosts: Attempting lmhosts lookup for name mocha&...

Citeren Emilien Kia <emilienkia-guest op alioth.debian.org>: > Author: emilienkia-guest > Date: Fri Jan 7 14:44:25 2011 > New Revision: 2809 > URL: http://trac.networkupstools.org/projects/nut/changeset/2809 > > Log: > Deprecate CERTFILE conf var to the benefit of CERTPATH : homogenize > conf directive names. > > Modified: > branches/ssl-nss-port/server/conf.c This patch breaks existing OpenSSL installations without valid reason, so I don't think this is a good idea. It would be better to use CERTFILE if O...

If I were guessing, based on some experience with certificate usage in other apps, concatenate your certificate and intermediate certificates into a single file which is then your "tls certfile" then point "tls cafile" to your issuers proper CA or just to your distro's CA bundle, e.g /etc/pki/tls/certs/ca-bundle.crt. Nick On 06/08/2020 16:36, MAS Jean-Louis via samba wrote: > Nobody has any clues about the tls cafile ? > > Regards > > Le 04/08/2020 ?...

...h server = self.create_server() File "/usr/share/rhn/rhn_applet/rhn_applet_rpc.py", line 83, in create_server s.add_trusted_cert(self.__cert__) File "/usr/lib/python2.3/site-packages/rhn/rpclib.py", line 440, in add_trusted_cert self._transport.add_trusted_cert(certfile) File "/usr/lib/python2.3/site-packages/rhn/transports.py", line 253, in add_trusted_cert raise ValueError, "Certificate file %s is not accessible" % certfile ValueError: Certificate file /usr/share/rhn/CNS-CA-CERT is not accessible -- Jerome Galliot Universit? de Fran...

...gure samba with windows 98 SE. I have used this site as reference http://www.linuxfocus.org/Francais/May2002/article247.shtml when I make testparam , I got this messages !! [root@linuxserver root]# testparm Load smb config files from /etc/samba/smb.conf Unknown parameter encountered: "ssl CA certFile" Ignoring unknown parameter "ssl CA certFile" Processing section "[netlogon]" Processing section "[homes]" Processing section "[public]" Loaded services file OK. Press enter to see a dump of your service definitions Also , when I try to specify to my...

...p, kdc, drepl, >>>> winbindd, ntp_signd, kcc, dnsupdate >>>> ? workgroup = EFINITY >>>> ? dns forwarder = 192.168.X.X 192.168.X.X >>>> ? tls enabled = yes >>>> ? tls keyfile = /usr/local/samba/private/tls/server.key >>>> ? tls certfile = /usr/local/samba/private/tls/server.crt >>>> ? tls cafile = /etc/pki/ca-trust/source/anchors/efinity-CA.crt >>> >>> I would take this up with whoever supplied your DC certificates, >>> they do not appear to be strong enough. >>> >>> Also,...

...esh server = self.create_server() File "/usr/share/rhn/rhn_applet/rhn_applet_rpc.py", line 87, in create_server s.add_trusted_cert(self.__cert__) File "/usr/lib/python2.3/site-packages/rhn/rpclib.py", line 466, in add_trusted_cert self._transport.add_trusted_cert(certfile) File "/usr/lib/python2.3/site-packages/rhn/transports.py", line 254, in add_trusted_cert raise ValueError, "Certificate file %s is not accessible" % certfile ValueError: Certificate file /usr/share/rhn/CNS-CA-CERT is not accessible -Geof C. Duncan http://teachageek.com...

Hi, Recently we have added 4.10.7 as additional dc, to our existing 4.4.5 samba AD DC, comparing output testparm I have detected that 4.4.5 has map readonly = no store dos attributes = Yes but 4.10.7 doesn't have Also compared smb.conf and both has the same configuration. Is this correct? Are required this configurations on 4.10.7? In a few day I want to upgrade this 4.4.5

Hello, I do vulnerability test on my infrastructure, and I get report about weak ciphers on samba services, is it possible to set stronger ciphers for samba? On old samba3 that was possible to set "ssl ciphers" in smb.conf, but now I don't see any documentation how to change it. Is it possible, if so, how? -- Arkadiusz Karpi?ski Efinity Sp. z o.o. 02-672 Warszawa, ul.

Hi all, Am trying to find a way to disable SSLv3 protocol in smb.conf on Samba4. I am using the following: tls enabled = yes tls keyfile = tls/myKey.pem tls certfile = tls/myCert.pem tls cafile = With a self-signed cert. But when I remote connect from another host using: openssl s_client -showcerts -connect samba4-dc:636 -ssl3 I get a successful connection. Any ideas? Thanks, Chris. -- ACS (Alavoine Computer Services Ltd) Chris Alavoine mob...

...15:02:51 gold upsd[15961]: Connected to UPS [Eaton]: usbhid-ups-Eaton Jul 10 15:02:51 gold upsd[15961]: listening on 0.0.0.0 port 3493 Jul 10 15:02:51 gold upsd[15962]: Startup successful Jul 10 15:02:51 gold upsd[15962]: Can not initialize SSL context The error message comes from netssl.c if (certfile) status = NSS_Init(certfile); else status = NSS_NoDB_Init(NULL); if (status != SECSuccess) { upslogx(LOG_ERR, "Can not initialize SSL context"); nss_error("upscli_init / NSS_[NoDB]_Init"); return; } Since certfile is defined, it looks as if legacy NSS_Init...

...39;m not sure what you mean with 'in same', just wanted to make it > clear.) > > > > The key/cert needs to be in a dir and file with applicable > > permissions? > > for the IceCast user... no biggie.. > > > > chown icecastusergroup:icecastusergroup??certfile > > > > What I am looking to confirm is that the cert file needs to > > contain: > > > > -----BEGIN RSA PRIVATE KEY----- > > MII > > -----END RSA PRIVATE KEY----- > > > > -----BEGIN CERTIFICATE----- > > MI > > -----END CERTIFICA...

...identity hint: None SRP username: None Start Time: 1497693590 Timeout : 300 (sec) Verify return code: 21 (unable to verify the first certificate) ... [global] ... ldap ssl = start tls ldap ssl ads = No tls cafile = tls/ca.pem tls certfile = tls/cert.pem tls crlfile = tls dh params file = tls enabled = Yes tls keyfile = tls/key.pem tls priority = NORMAL:-VERS-SSL3.0 tls verify peer = ca_and_name Version: samba 4.6.5 Best regards, Supporter 3eb

...> > clear.) > > > > > > > > > > The key/cert needs to be in a dir and file with applicable > > > > permissions? > > > > for the IceCast user... no biggie.. > > > > > > > > chown icecastusergroup:icecastusergroup??certfile > > > > > > > > > > What I am looking to confirm is that the cert file needs to > > > > contain: > > > > > > > > -----BEGIN RSA PRIVATE KEY----- > > > > MII > > > > -----END RSA PRIVATE KEY----- > >...

...server role = active directory domain controller > idmap_ldb:use rfc2307 = yes > comment = > > winbind enum users = yes > winbind enum groups = yes > > tls enabled = yes > tls keyfile = tls/server1.pem.key > tls certfile = tls/server1.pem.crt > tls cafile = tls/ca.pem.crt > > > tls verify peer = ca_and_name > > ldap server require strong auth = no > > > [netlogon] > path = /usr/local/samba/var/locks/sysvol/domain.com/scripts > read only = No...

...> > > > > > The key/cert needs to be in a dir and file with applicable > > > > > > permissions? > > > > > > for the IceCast user... no biggie.. > > > > > > > > > > > > chown icecastusergroup:icecastusergroup??certfile > > > > > > > > > > > > > > > > What I am looking to confirm is that the cert file needs to > > > > > > contain: > > > > > > > > > > > > -----BEGIN RSA PRIVATE KEY----- > > > > >...

Hi people, i have a problem with trying ldaps i use autogenerated self-signed certificate, i write in smb this: tls enabled = yes tls keyfile = tls/key.pem tls certfile = tls/cert.pem without cafile when i try to verify with: openssl verify /usr/local/samba/private/tls/myCert.pem it said me unable to verify the first certificate and if add -CApath works! and finally when i try from another dc with openssl s_client -showcerts -connect dc1.samdom.example.com:63...